diff options
| author | Brad Davis <brd@FreeBSD.org> | 2014-07-08 19:53:12 +0000 |
|---|---|---|
| committer | Brad Davis <brd@FreeBSD.org> | 2014-07-08 19:53:12 +0000 |
| commit | bd445ab0c71f893a25c5b63689814227b05b9989 (patch) | |
| tree | d6af1e139066b190aff83350d87d83e1d4424b95 /security/ossec-hids-server | |
| parent | 9ce57f7e6ce380c893af760d6cbec32d30d6a346 (diff) | |
| download | ports-bd445ab0c71f893a25c5b63689814227b05b9989.tar.gz ports-bd445ab0c71f893a25c5b63689814227b05b9989.zip | |
- Fix the permissions so ossec-hids-client will actually start.
1: Based on a submission by Johan
PR: 190709 [1]
Submitted by: Johan Strom <johan@stromnet.se> [1]
Reviewed by: swills@
Notes
Notes:
svn path=/head/; revision=361282
Diffstat (limited to 'security/ossec-hids-server')
| -rw-r--r-- | security/ossec-hids-server/files/patch-src__InstallAgent.sh | 91 |
1 files changed, 88 insertions, 3 deletions
diff --git a/security/ossec-hids-server/files/patch-src__InstallAgent.sh b/security/ossec-hids-server/files/patch-src__InstallAgent.sh index be1773c57e79..442d6eb3753e 100644 --- a/security/ossec-hids-server/files/patch-src__InstallAgent.sh +++ b/security/ossec-hids-server/files/patch-src__InstallAgent.sh @@ -1,5 +1,5 @@ ---- ./src/InstallAgent.sh.orig 2013-10-29 12:13:44.000000000 -0600 -+++ ./src/InstallAgent.sh 2014-05-16 07:12:31.133178776 -0600 +--- src/InstallAgent.sh.orig 2013-10-29 12:13:44.000000000 -0600 ++++ src/InstallAgent.sh 2014-06-20 10:30:22.531480743 -0600 @@ -37,11 +37,11 @@ # Creating groups/users @@ -17,6 +17,91 @@ elif [ "$UNAME" = "SunOS" ]; then grep "^${USER}" /etc/passwd > /dev/null 2>&1 +@@ -107,21 +107,21 @@ + + # Default for all directories + chmod -R 550 ${DIR} +-chown -R root:${GROUP} ${DIR} ++#chown -R root:${GROUP} ${DIR} + + # To the ossec queue (default for agentd to read) +-chown -R ${USER}:${GROUP} ${DIR}/queue/ossec ++#chown -R ${USER}:${GROUP} ${DIR}/queue/ossec + chmod -R 770 ${DIR}/queue/ossec + + # For the logging user +-chown -R ${USER}:${GROUP} ${DIR}/logs ++#chown -R ${USER}:${GROUP} ${DIR}/logs + chmod -R 750 ${DIR}/logs + chmod -R 775 ${DIR}/queue/rids + touch ${DIR}/logs/ossec.log +-chown ${USER}:${GROUP} ${DIR}/logs/ossec.log ++#chown ${USER}:${GROUP} ${DIR}/logs/ossec.log + chmod 664 ${DIR}/logs/ossec.log + +-chown -R ${USER}:${GROUP} ${DIR}/queue/diff ++#chown -R ${USER}:${GROUP} ${DIR}/queue/diff + chmod -R 750 ${DIR}/queue/diff + chmod 740 ${DIR}/queue/diff/* > /dev/null 2>&1 + +@@ -130,7 +130,7 @@ + + # For the etc dir + chmod 550 ${DIR}/etc +-chown -R root:${GROUP} ${DIR}/etc ++#chown -R root:${GROUP} ${DIR}/etc + + ls /etc/localtime > /dev/null 2>&1 + if [ $? = 0 ]; then +@@ -168,12 +168,12 @@ + cp -pr ../etc/client.keys ${DIR}/etc/ > /dev/null 2>&1 + cp -pr agentlessd/scripts/* ${DIR}/agentless/ + +-chown root:${GROUP} ${DIR}/etc/internal_options.conf +-chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 +-chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1 +-chown root:${GROUP} ${DIR}/agentless/* +-chown ${USER}:${GROUP} ${DIR}/.ssh +-chown -R root:${GROUP} ${DIR}/etc/shared ++#chown root:${GROUP} ${DIR}/etc/internal_options.conf ++#chown root:${GROUP} ${DIR}/etc/local_internal_options.conf > /dev/null 2>&1 ++#chown root:${GROUP} ${DIR}/etc/client.keys > /dev/null 2>&1 ++#chown root:${GROUP} ${DIR}/agentless/* ++#chown ${USER}:${GROUP} ${DIR}/.ssh ++#chown -R root:${GROUP} ${DIR}/etc/shared + + chmod 550 ${DIR}/etc + chmod 440 ${DIR}/etc/internal_options.conf +@@ -186,7 +186,7 @@ + + # For the /var/run + chmod 770 ${DIR}/var/run +-chown root:${GROUP} ${DIR}/var/run ++#chown root:${GROUP} ${DIR}/var/run + + + # Moving the binary files +@@ -198,7 +198,7 @@ + cp -pr ./init/ossec-client.sh ${DIR}/bin/ossec-control + cp -pr addagent/manage_agents ${DIR}/bin/ + cp -pr ../contrib/util.sh ${DIR}/bin/ +-chown root:${GROUP} ${DIR}/bin/util.sh ++#chown root:${GROUP} ${DIR}/bin/util.sh + chmod +x ${DIR}/bin/util.sh + + # Copying active response modules +@@ -206,9 +206,9 @@ + cp -pr ../active-response/*.sh ${DIR}/active-response/bin/ + cp -pr ../active-response/firewalls/*.sh ${DIR}/active-response/bin/ + chmod 755 ${DIR}/active-response/bin/* +-chown root:${GROUP} ${DIR}/active-response/bin/* ++#chown root:${GROUP} ${DIR}/active-response/bin/* + +-chown root:${GROUP} ${DIR}/bin/* ++#chown root:${GROUP} ${DIR}/bin/* + chmod 550 ${DIR}/bin/* + + @@ -223,10 +223,10 @@ if [ $? = 0 ]; then cp -pr ../etc/ossec.mc ${DIR}/etc/ossec.conf @@ -26,7 +111,7 @@ fi -chown root:${GROUP} ${DIR}/etc/ossec.conf -chmod 440 ${DIR}/etc/ossec.conf -+chown root:${GROUP} ${DIR}/etc/ossec.conf.sample ++#chown root:${GROUP} ${DIR}/etc/ossec.conf.sample +chmod 440 ${DIR}/etc/ossec.conf.sample |